mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions

container: more read-only volumes (#275)
All checks were successful
ansible-lint / gitleaks (push) Successful in 3s
Details
ansible-lint / Ansible Lint (push) Successful in 25s
Details

Browse source 
Reviewed-on: #275
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2025-01-03 15:12:49 +01:00 committed by Michael Grote
parent dd375ea74a
commit dd9b4578a3
6 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docker-compose/act-runner/docker-compose.yml.j2
View file

@ -15,7 +15,7 @@ services:
- no-new-privileges=true - no-new-privileges=true
volumes: volumes:
- act_runner_data:/data - act_runner_data:/data
- ./config.yml:/config.yml - ./config.yml:/config.yml:ro
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
environment: environment:
GITEA_INSTANCE_URL: https://git.mgrote.net GITEA_INSTANCE_URL: https://git.mgrote.net

3
docker-compose/authelia/docker-compose.yml.j2
View file

@ -17,8 +17,7 @@ services:
environment: environment:
TZ: Europe/Berlin TZ: Europe/Berlin
volumes: volumes:
- ./configuration.yml:/config/configuration.yml - ./configuration.yml:/config/configuration.yml:ro
- ./users_database.yml:/config/users_database.yml
- authelia_data:/data - authelia_data:/data
labels: labels:
traefik.enable: true traefik.enable: true

4
docker-compose/lldap/docker-compose.yml.j2
View file

@ -15,8 +15,8 @@ services:
- "3890:3890" - "3890:3890"
- "17170:17170" # front-end - "17170:17170" # front-end
volumes: volumes:
- "lldap_data:/data" - lldap_data:/data
- "./lldap_config.toml:/data/lldap_config.toml" - ./lldap_config.toml:/data/lldap_config.toml:ro
environment: environment:
TZ: Europe/Berlin TZ: Europe/Berlin
networks: networks:

2
docker-compose/miniflux/docker-compose.yml.j2
View file

@ -87,7 +87,7 @@ services:
#MF_DEBUG: 1 #MF_DEBUG: 1
image: "registry.mgrote.net/miniflux-filter:latest" image: "registry.mgrote.net/miniflux-filter:latest"
volumes: volumes:
- ./filter.txt:/data/filter.txt - ./filter.txt:/data/filter.txt:ro
networks: networks:
- internal - internal

4
docker-compose/traefik/docker-compose.yml.j2
View file

@ -16,8 +16,8 @@ services:
- no-new-privileges=true - no-new-privileges=true
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik.yml:/etc/traefik/traefik.yml - ./traefik.yml:/etc/traefik/traefik.yml:ro
- ./file-provider.yml:/etc/traefik/file-provider.yml - ./file-provider.yml:/etc/traefik/file-provider.yml:ro
- acme_data:/etc/traefik/acme - acme_data:/etc/traefik/acme
networks: networks:
- traefik - traefik

2
docker-compose/wiki/docker-compose.yml.j2
View file

@ -16,7 +16,7 @@ services:
ports: ports:
- 8087:80 - 8087:80
volumes: volumes:
- /docker/wiki/site/site:/usr/local/apache2/htdocs/ - /docker/wiki/site/site:/usr/local/apache2/htdocs/:ro
# /docker/wiki/site/site ist ein lokales Verzeichnis auf docker10 # /docker/wiki/site/site ist ein lokales Verzeichnis auf docker10
# dieser Verzeichnis wird direkt in der Wiki CI gemountet # dieser Verzeichnis wird direkt in der Wiki CI gemountet
# und die Daten werden dort reingeschrieben # und die Daten werden dort reingeschrieben